package com.ys.util.shiro;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.alibaba.fastjson.JSON;
import com.ys.entity.shiro.LoginUser;
import com.ys.entity.sys.SysButton;
import com.ys.entity.sys.SysMenu;
import com.ys.entity.sys.SysRole;
import com.ys.enume.sys.SysMenuEnum;

public class UserRealm extends AuthorizingRealm {
	
	// 授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		System.out.println("执行了=》授权doGetAuthorizationInfo");
		
		//1.通过主体传过来的认证信息中去获取用户名
		LoginUser loginUser = (LoginUser) principalCollection.getPrimaryPrincipal();
        System.out.println(JSON.toJSONString(loginUser));
		
		// 权限列表
		List<String> listAuth = new ArrayList<String>();
		listAuth.add("sys:dashboard");
		listAuth.add("sys:indexCommonOfMenu");
//		list.add("sysCol:view");
		Long roleId = loginUser.getRoleId();
		SysRole ysRole = new SysRole().setId(roleId).queryFirst();
		
		// 菜单权限
		List<SysMenu> listSysMenu;
		if (roleId == 1L) {
			listSysMenu = new SysMenu().setLev(SysMenuEnum.Lev.THREE.value).queryList();
		} else if (ysRole.getStatus() == 1) {
			listSysMenu = new SysMenu().setLev(SysMenuEnum.Lev.THREE.value).where("A.Id in (select MenuId from YS_RoleMenu where RoleId = '" + roleId + "')").queryList();
		} else {
			listSysMenu = new ArrayList<SysMenu>();
		}
		for(SysMenu ysMene : listSysMenu) {
			listAuth.add(ysMene.getNameShiroAuth());
		}
		
		// 按钮权限
		List<SysButton> listSysButton;
		if (roleId == 1L) {
			listSysButton = new SysButton().queryList();
		} else if (ysRole.getStatus() == 1) {
			listSysButton = new SysButton().where("A.Id in (select ButtonId from YS_RoleButton where RoleId = '" + roleId + "')").queryList();
		} else {
			listSysButton = new ArrayList<SysButton>();
		}
		for(SysButton sysButton : listSysButton) {
			listAuth.add(sysButton.getNameShiroAuth());
		}
		
		Set<String> permissions = new HashSet<String>(listAuth);
		
		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.setStringPermissions(permissions);
		return simpleAuthorizationInfo;
	}

	// 认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
			throws AuthenticationException {
		System.out.println("认证：=》doGetAuthenticationInfo");
		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
//		// 用户名，密码 数据库中取
//		String loginName = token.getUsername();
//		SysAdmin admin = new SysAdmin().setLoginName(loginName).queryFirst();
//		String password = AESUtil.aesDecrypt(admin.getLoginPass());
//		System.out.println("Username---" + token.getUsername());
		
		// 密码认证，shiro做
		return new SimpleAuthenticationInfo(token.getUsername(), token.getPassword(), "");
	}

    /**
     * 清理缓存权限
     */
    public void clearCachedAuthorizationInfo()
    {
        this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }

}
